jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2025-10-31 02:11:10 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

upt playbook

Browse Source
This commit is contained in:
jaydee
2023-10-23 10:52:53 +02:00
parent 6a8b0336f4
commit 17de42280c
6 changed files with 35 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
playbooks/00_initial_adjustments.yml
View File

@@ -13,24 +13,19 @@
line: "export HISTCONTROL=ignoreboth" line: "export HISTCONTROL=ignoreboth"
- name: Set a hostname - name: Set a hostname
ansible.builtin.hostname: ansible.builtin.hostname:
name: odroidc4-1 name: >-
when: ansible_eth0.macaddress == "00:1e:06:48:b3:0c" {%- if ansible_eth0.macaddress == "00:1e:06:48:cd:8e" -%}
- name: Set a hostname odroidc4-1
ansible.builtin.hostname: {%- elif ansible_eth0.macaddress == "00:1e:06:48:d0:00" -%}
name: odroidc4-2 odroidc4-2
when: ansible_eth0.macaddress == "00:1e:06:48:cd:86" {%- elif ansible_eth0.macaddress == "00:1e:06:48:d0:01" -%}
- name: Set a hostname odroidc4-3
ansible.builtin.hostname: {%- elif ansible_eth0.macaddress == "00:1e:06:48:cd:86" -%}
name: odroidc4-3 odroidc4-4
when: ansible_eth0.macaddress == "00:1e:06:48:d0:01" {%- elif ansible_eth0.macaddress == "00:1e:06:48:b3:0c" -%}
- name: Set a hostname odroidc4-5
ansible.builtin.hostname: {%- endif -%}
name: odroidc4-4
when: ansible_eth0.macaddress == "00:1e:06:48:d0:00"
- name: Set a hostname
ansible.builtin.hostname:
name: odroidc4-5
when: ansible_eth0.macaddress == "00:1e:06:48:cd:8e"
- name: Iptables 1 - name: Iptables 1
ansible.builtin.command: ansible.builtin.command:
iptables -F iptables -F

12
playbooks/00_install_ldap_client.yml
View File

@@ -1,4 +1,4 @@
- hosts: raspberry - hosts: odroid_cluster
name: Install omv name: Install omv
become: true become: true
tasks: tasks:
@@ -65,7 +65,7 @@
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/nslcd.conf path: /etc/nslcd.conf
regexp: "^uri ldap.*" regexp: "^uri ldap.*"
line: "uri ldaps://ldap-server.loc/" line: "uri ldap://192.168.77.106:389/"
- name: Reconfigure ldap base - name: Reconfigure ldap base
@@ -84,7 +84,7 @@
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/nslcd.conf path: /etc/nslcd.conf
regexp: "^#bindpw" regexp: "^#bindpw"
line: "bindpw l4c1j4yd33Du5lo" line: "bindpw {{ ldap_admin_password }}"
# - name: Reconfigure ldap base # - name: Reconfigure ldap base
# ansible.builtin.lineinfile: # ansible.builtin.lineinfile:
# path: /etc/nslcd.conf # path: /etc/nslcd.conf
@@ -118,7 +118,11 @@
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config
regexp: "^#AuthorizedKeysCommandUser *" regexp: "^#AuthorizedKeysCommandUser *"
line: "AuthorizedKeysCommandUser root" line: "AuthorizedKeysCommandUser root"
- name: Create a directory LDAP if it does not exist
ansible.builtin.file:
path: /etc/ldap/
state: directory
mode: '0755'
- name: Creating a file with content - name: Creating a file with content
copy: copy:
dest: "/etc/ldap/ldap.conf" dest: "/etc/ldap/ldap.conf"

6
playbooks/70_install_k3s.yml
View File

@@ -34,7 +34,7 @@
- name: (reboot) Wait for server to restart - name: (reboot) Wait for server to restart
wait_for_connection: wait_for_connection:
delay: 75 delay: 75
- name: Wait for service 'myservice' to be running - name: Wait for service 'k3s.service' to be running
service_facts: service_facts:
register: result register: result
until: result.ansible_facts.services['k3s.service'].state == 'running' until: result.ansible_facts.services['k3s.service'].state == 'running'
@@ -45,7 +45,7 @@
#get registration token #get registration token
# curl -u "token-wg66j:p26nwqs9ckqbth4h8gtfd2g7858g8smbtpgmxq9qr52w4795l5jvv9" -X GET -H 'Accept: application/json' -H 'Content-Type: application/json' https://192.168.77.106:8543/v3/clusters/c-xq5pv/clusterRegistrationTokens --insecure|jq # curl -u "token-wg66j:p26nwqs9ckqbth4h8gtfd2g7858g8smbtpgmxq9qr52w4795l5jvv9" -X GET -H 'Accept: application/json' -H 'Content-Type: application/json' https://192.168.77.106:8543/v3/clusters/c-xq5pv/clusterRegistrationTokens --insecure|jq
- name: Create new cluster in rancher - name: Create new cluster in rancher
ansible.builtin.shell: "curl -u 'token-wg66j:p26nwqs9ckqbth4h8gtfd2g7858g8smbtpgmxq9qr52w4795l5jvv9' -X POST -H 'Accept: application/json' -H 'Content-Type: application/json' -d '{\"name\":\"odroid\"}' 'https://192.168.77.106:8543/v3/clusters' --insecure| jq .id" ansible.builtin.shell: "curl -u '{{ rancher_api_key }}' -X POST -H 'Accept: application/json' -H 'Content-Type: application/json' -d '{\"name\":\"odroid\"}' 'https://192.168.77.106:8543/v3/clusters' --insecure| jq .id"
changed_when: false changed_when: false
ignore_errors: true ignore_errors: true
register: cluster_id register: cluster_id
@@ -54,7 +54,7 @@
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ cluster_id.stdout }}" msg: "{{ cluster_id.stdout }}"
- name: Create new cluster in rancher - name: Create new cluster in rancher
ansible.builtin.shell: "curl -u 'token-wg66j:p26nwqs9ckqbth4h8gtfd2g7858g8smbtpgmxq9qr52w4795l5jvv9' -X GET -H 'Accept: application/json' -H 'Content-Type: application/json' https://192.168.77.106:8543/v3/clusters/{{ cluster_id.stdout }}/clusterRegistrationTokens --insecure| jq .data[0].manifestUrl" ansible.builtin.shell: "curl -u '{{ rancher_api_key }}' -X GET -H 'Accept: application/json' -H 'Content-Type: application/json' https://192.168.77.106:8543/v3/clusters/{{ cluster_id.stdout }}/clusterRegistrationTokens --insecure| jq .data[0].manifestUrl"
changed_when: false changed_when: false
ignore_errors: true ignore_errors: true
register: register_id register: register_id

11
playbooks/72_install_k3s_worker.yml
View File

@@ -1,13 +1,16 @@
- hosts: odroid_worker - hosts: odroid_worker
name: Setup k3s name: Setup k3s
become: true become: true
vars:
K3S_TOKEN_HOLDER: "{{ hostvars['K3S_TOKEN_HOLDER']['token'] }}"
# K3S_TOKEN_HOLDER: "K10e86c2dee93cc36d405fbeb34ef64e8867c097493ef2e0f2e95feb5bb30ded39b::server:5f3d5033ee0554caab810c863b0587d2"
tasks: tasks:
- name: Print token - name: Print token
ansible.builtin.debug: ansible.builtin.debug:
msg: "[Master] K3S_TOKEN_HOLDER K8S token is {{ hostvars['K3S_TOKEN_HOLDER']['token'] }}" msg: "[Master] K3S_TOKEN_HOLDER K8S token is {{ K3S_TOKEN_HOLDER }}"
- name: Print msg - name: Print msg
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ hostvars['K3S_TOKEN_HOLDER']['token'] }}" msg: "{{ K3S_TOKEN_HOLDER }}"
- name: Get hostname - name: Get hostname
ansible.builtin.command: uname -n ansible.builtin.command: uname -n
register: result register: result
@@ -18,6 +21,6 @@
- name: Install K3S Worker - name: Install K3S Worker
ansible.builtin.shell: >- ansible.builtin.shell: >-
curl -sfL https://get.k3s.io curl -sfL https://get.k3s.io
| K3S_TOKEN={{ hostvars['K3S_TOKEN_HOLDER']['token'] }} | K3S_TOKEN={{ K3S_TOKEN_HOLDER }}
K3S_URL="https://192.168.77.161:6443" K3S_NODE_NAME="{{ result.stdout }}" INSTALL_K3S_VERSION="v1.24.1+k3s1" sh - K3S_URL="https://192.168.77.131:6443" K3S_NODE_NAME="{{ result.stdout }}" INSTALL_K3S_VERSION="v1.24.1+k3s1" sh -
changed_when: false changed_when: false

3
playbooks/99_complete_install.yml
View File

@@ -19,5 +19,8 @@
import_playbook: 70_install_k3s.yml import_playbook: 70_install_k3s.yml
- name: Install worker - name: Install worker
import_playbook: 72_install_k3s_worker.yml import_playbook: 72_install_k3s_worker.yml
- name: Install zabbix agent
import_playbook: 00_install_zabbix_agent.yml
- name: Reboot All - name: Reboot All
import_playbook: 11_reboot.yml import_playbook: 11_reboot.yml

2
playbooks/sync_mailu2_data.yaml
View File

@@ -1,4 +1,4 @@
- hosts: containers - hosts: 192.168.77.106
name: Sync mailu name: Sync mailu
ignore_unreachable: false ignore_unreachable: false
tasks: tasks: